Ian Barker

The security of APIs remains a top cybersecurity concern this year, according to a new study, yet there is still a lack of dedicated API security for many companies.

Research from TraceableAI, carried out at this year's RSA conference, finds that though 69 percent of organizations claim to factor APIs into their cybersecurity strategy, 40 percent of companies do not have dedicated professionals or teams for API security.

Continue reading →

New analysis by Orca Security of scan results from its Cloud Security Platform reveals the top risks facing organizations this year.

The analysis of workload, configuration and identity data from real-world production cloud assets on Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Kubernetes and more identifies five of the most common, yet severe, cloud security risks which are found in many cloud environments.

Continue reading →

Thankfully the days of organizations storing passwords in plain text are pretty much gone. Most are now hashed using algorithms that prevent hackers from reading the database easily.

But, as new research from Specops Software reveals, that doesn't necessarily make things safe. The quality of the password itself has a big impact on how long it will take to crack.

Continue reading →

Could AI one day make your job obsolete? 81 percent of respondents to a new survey don't believe so.

The study of almost 1,200 UK office workers by ID Crypt Global finds that while 95 percent have heard of AI, 94 percent are doing nothing to prepare for the eventuality of AI replacing them in the workplace, such as learning new skills or looking for new industries to work in.

Continue reading →

A new report shows that 2022 saw a 300 percent increase in 'carpet bomb' DDoS attacks compared to 2021. Carpet bomb attacks, also known as spread-spectrum or spray attacks, distribute traffic across large IP address spaces.

Legacy technology, like standard victim-oriented detection and mitigation detection techniques, often fails to accurately identify these attacks, leading to incomplete mitigation or false positives. Legacy solutions can also simply be overwhelmed by the number of IP addresses involved.

Continue reading →

Security professionals all know that they should test their security hardware and software periodically to make sure it's working as intended. Many normal IT activities have unintended consequences that cause security configurations to 'drift' over time and make the organization more vulnerable.

But testing is frequently postponed or ignored because it never becomes a high enough priority. We spoke to Song Pang, SVP of engineering at NetBrain, to find out how automation can be used to detect when security products or network traffic are no longer behaving as intended.

Continue reading →

A new AI-based analysis and response engine designed to quickly address security gaps and resource limitations in mission critical operational infrastructure is being launched by Nozomi Networks.

Vantage IQ uses artificial intelligence (AI) and Machine Learning (ML) to help security teams by automating the time-consuming tasks associated with reviewing, correlating and prioritizing network, asset and alert data.

Continue reading →

Analysis of around a trillion API transactions spanning a range industries over the second half of 2022 by Cequence Security seeks to highlight the latest API threat trends plaguing organizations.

In the second half of 2022, approximately 45 billion search attempts were made for shadow APIs, marking a 900 percent increase from the five billion attempts made in the first half of the year.

Continue reading →

A new report from the Secureworks Counter Threat Unit (CTU) uncovers a thriving market in infostealer logs that serves as a key enabler for some of the most damaging forms of cybercrime such as ransomware attacks.

On the 'Russian Market' site alone, the number of logs for sale increased by 150 percent in less than nine months, from two million on a single day in June 2022 to over five million on a single day in late February 2023.

Continue reading →

It's human nature to have an, 'it can't happen to me' approach to life's mishaps, whether it's being involved in a traffic accident or falling victim to cybercrime.

But of course these things do happen to someone. When it comes to identity theft, Home Security Heroes has taken a more scientific approach to determining how likely you really are to become a victim.

Continue reading →

The number of deepfake videos online is increasing at an annual rate of 900 percent according to the World Economic Forum.

In the light of this Kaspersky researchers have revealed the top three fraud schemes using deepfakes that people should be aware of.

Continue reading →

Quantum computing is something that seems to have been hovering just out of reach for a decade or so -- in fact research into the concept first began back in the 1980s.

More recently quantum has come closer to a commercial reality, with big players like IBM publishing a road map with a clear, detailed plan to scale quantum processors and build the hardware necessary to take advantage of the technology and other big players like Google, Amazon, and Microsoft having since followed suit.

Continue reading →

Despite the fact that insecure password practices are regularly exploited in cyberattacks worldwide, 83 percent of cloud professionals surveyed at the recent Cloud Expo Europe event say they are confident about passwords' security effectiveness, with 34 percent 'very confident'.

But the study, of over 150 people, carried out by Beyond Identity also reveals frustrations. 60 percent find it frustrating to remember multiple passwords, 52 percent are frustrated by having to regularly change their passwords, and 52 percent by the requirement to choose long passwords containing numbers and symbols.

Continue reading →

As the world increasingly moves away from relying solely on passwords for identity verification, the focus is on alternative technologies. Whether that is passkeys, biometrics or other options, each has its own advantages and adherents.

Ricardo Amper, CEO and founder of next-generation identity verification solution provider Incode, sees biometrics as the key to eliminating discrimination and to creating a world of greater trust. We spoke to him to find out more.

Continue reading →

A new report from cyber insurance provider Cowbell shows that 90 percent of small business leaders underestimate the cost of a cyber incident.

The study of 500 SME leaders across the US shows that 50 percent of SMEs have experienced a significant cyber incident in the past 12 months and, of those, 90 percent say the attack cost more than they anticipated.

Continue reading →